﻿namespace Contoso.ActiveDirectory {

    #region Usings
    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Text; 
    #endregion

    public interface IUserComputer {

        #region Logon and Password DateTimes
        DateTime? AccountExpires { get; }
        DateTime? AccountExpiresUTC { get; }
        DateTime? BadPasswordTime { get; }
        DateTime? BadPasswordTimeUTC { get; }
        /// <summary>
        /// Last logon, or if not available, whenChanged or whenCreated
        /// </summary>
        DateTime LastActivity { get; }
        DateTime LastActivityUTC { get; }
        DateTime? LastLogon { get; }
        DateTime? LastLogonUTC { get; }
        DateTime? LastLogonTimeStamp { get; }
        DateTime? LastLogonTimeStampUTC { get; }
        DateTime? PwdLastSet { get; }
        DateTime? PwdLastSetUTC { get; }
        #endregion

        bool IsAccountDisabled { get; }
        bool IsTrustedForConstrainedDelegation { get; }
        bool IsTrustedForDelegation { get; }

        /// <summary>
        /// The encryption algorithms supported by user, computer or trust accounts.
        /// The KDC uses this information while generating a service ticket for this account. 
        /// Services and Computers can automatically update this attribute on their respective accounts in Active Directory, 
        /// and therefore need write access to this attribute.
        /// </summary>
        SupportedEncryptionTypeFlags MSDSSupportedEncryptionTypes { get; }

        UserAccountControlFlags MSDSUserAccountControlComputed { get; }

        PrimaryGroup PrimaryGroup { get; }
        UserAccountControlFlags UserAccountControl { get; }

        #region Collections
        IReadOnlyList<string> MSDSAllowedToDelegateTo { get; }
        IReadOnlyList<string> ServicePrincipalName { get; }
        #endregion
    }
}
